This notice explains what personal data (information) we hold about you, how we collect it, how we use it and how we may share information that we hold about you in order to deliver our services. We are required to give you this information under data protection law. Northamptonshire Children's Trust is committed to protecting your privacy when you use our services. The Privacy Notice below explains how we use information about you and how we protect your privacy.
Northamptonshire Children's Trust complies with data protection legislation (the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) and is registered as a 'Data Controller' (Reg. No ZA781861).
Who we are
Northamptonshire Children's Trust provides services on behalf of Northamptonshire County Council in the following areas:
- Adoption and Fostering
- Help and Protection for Children
- Early Help and Targeted Prevention
- Special Educational Needs and Disability
- Youth Offending Service in a partnership arrangement.
The Commissioning and Strategy service is responsible for commissioning services for children, young people and families in line with the strategic direction of Northamptonshire County Council and our statutory duties. This also includes strategic planning and promotes participation and engagement of young people in service planning and delivery.
What personal information do we collect to deliver this service?
In order to commission services and deliver participation and engagement opportunities, we may collect the following personal information. Some of the information we hold and use has already been collected and is provided to this service by other teams in Children's Services (these lists are not exhaustive):
- personal information such as your name, age, address, contact details
- special category information such as ethnicity and gender
- information describing service needs and requirements if relevant to a commissioned service
- family contact detail
- assigned professional or practitioner details
- Child in Care status or other status
- current school and details of any exclusions
- SEND Details
- EHC Plan
We will seek the following information from providers of services:
- name of key contact person
- business address
- contractual information including information collected for Quality Assurance purposes
- Health and safety and insurance details
- VAT number
- bank details
- Ofsted and CQC Category
We may also seek personal information from other sources including:
- other Northamptonshire County Council departments
- schools and academies
- agencies that you have received a service from (if applicable)
- Disclosure and Barring Service (DBS)
- regulatory bodies such as Care Quality Commission and Ofsted
How we collect this information
We collect personal information in the following ways:
- secure records and databases managed by Northamptonshire Children's Trust and Northamptonshire County Council
- online form for registration and requests for services
- commissioning processes including tender applications
How your personal information is stored
We hold data securely for the set amount of time detailed in our records Retention Schedule. For more information in regards to this and how we keep your information safe please check our Records retention schedule.
Purposes of collecting this personal information
- service planning
- service delivery
- service improvement
- participation and engagement activities and consultation with children and young people
How we use this personal information in Adoption Services
- To develop strategies and supporting service planning
- To commission best value services, this ranges from large contracts to individual bespoke services
- To prepare for regulatory inspections
- To co-ordinate participation and engagement activity for young people, including managing participation groups
- To support the sufficiency of provision of services for children, young people and families
- To source and ensure good quality placements for children in care and care leavers
- To manage the quality of, and outcomes delivered by, direct and in-direct or commissioned services
- To monitor contracts and provide quality assurance
How long your personal information is held for
Information which you have provided will be stored securely in line with the retention periods shown below after which time it is archived or securely destroyed, unless we are required by law to retain records for longer than the stated retention period. The information will only be used for the purposes stated when it was collected. Information will not be sold, rented or provided to anyone else, or used for any other purpose than that for which it was originally collected unless required to by law.
What is the legal basis for the collection and use of your personal information?
We collect and use your personal information in order to:
- perform a Statutory Duty
- to enable service delivery
The following are the main legal basis:
- Public Services Act (social value) Act 2012
- Public Contract Regulations 2015
- The Children and Families Act 2014
- Care Act 2014
- Children and Social Work Act 2017
Providers are required to provide us with your information to contract your services with us. The consequences of not providing the information requested are that we cannot enter into a contract with you and pay for services delivered.
Who we may share your information with
If required we will share your information with Northamptonshire County Council (NCC) that commissions the Northamptonshire Children's Trust.
We may also share your information with the following organisations (this list is not exhaustive):
- Care Quality Commission
- commissioned delivery partners
- other Local Authorities
- residential care providers
- Youth Offending Service
- project partners
- East Midlands Framework
Why do we share this information?
To enable the service to deliver its statutory and service related duties.
We will share personal information with law enforcement or other authorities if required by applicable law.
Under GDPR you have rights which you can exercise free of charge which allow you to:
- know what we are doing with your information and why we are doing it
- ask to see what information we hold about you (subject access request)
- ask us to correct any mistakes in the information we hold about you
- object to direct marketing
- make a complaint to the Information Commissioners Office
- withdraw consent at any time (if applicable as this will not be possible in certain circumstances)
Depending on our reason for using your information you may also be entitled to:
- ask us to delete information we hold about you (if applicable) have your information transferred electronically to yourself or to another organisation
- object to decisions being made that significantly affect you
- object to how we are using your information
- stop us using your information in certain ways
We will always seek to comply with your request however we may be required to hold or use your information to comply with legal duties which will override the requirements of the GDPR. Please note, your request may delay or prevent us delivering a service to you.
For further information about your rights, including the circumstances in which they apply, see the guidance from the UK Information Commissioners Office (ICO) on individuals' rights under GDPR.
We are required under Section 6 of the Audit Commission Act 1998 to participate in the National Fraud Initiative data matching exercise. The data held will be used for cross-system and cross authority comparison for the prevention and detection of fraud. For further information see the National Fraud Initiative webpage.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Requesting access to your personal information
Under data protection legislation, parents, carers and children have the right to request access to information that we hold on them. To make a request for your personal information please contact:
FOI/Data Protection Team
Northamptonshire County Council
One Angel Square
Phone: 01604 368 360
If you have a concern about the way we are collecting or using your personal information, you should raise your concern with us in the first instance. GDPR also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted on 03031 231 113. Or see the ICO Website for further details.
If you would like to discuss anything in this Privacy Notice please contact:
Data Protection Officer
Northamptonshire Children's Trust
One Angel Square